First of all thank you to Stéphane for his QApache module that gave me the idea to try the container "path" (from Padawan to Jedi)
This set of information is mainly done to use NextCloud but can be used as a base for any PHP app
In the QNAP apps, install container than, in container :
- Go to "Create"
- search for "nfatrez/docker-apache24-php72"
- Press the "Create" button
- Go to "Advanced settings"
- in "Network"
- Network Mode -> NAT
- Port forwarding:
- 88 -> 80 - TCP
- 448 -> 443 - TCP
- In "Shared Folders" (You will need to map every drives you will want to access from the app!! think twice or more before or you have to do it all again). I personnaly map (in "Volume from host"):
- /Web -> /var/www/html
- /WhereverSharedFolderYoullStoreYourNextcloudDataIn -> /nextcloud
- /WhatEverFolderYoullNeedToReadorWriteIn -> /YouPick
- once the container is running, you need to SSH your NAS - once in your need to log to your container by running the following commands:
- "docker ps" -> will give you the container IDs or your images - locate nfatrez/docker-apache24-php72 and its ID !
- "docker exec -i -t <IDOfTheContainer> bash"
- You're now in. Run:
- "apt update && apt upgrade -y && apt dist-upgrade && apt-get -y autoremove" -> Will update the container, with all the latest versions and remove all the useless components
- "dpkg-reconfigure tzdata" to set the time zone your server is located in
- OPTIONAL: I personnally install those modules for NextCloud and also for editing files: "apt-get install -y nano php7.2-zip php7.2-mbstring apt-utils php-apcu"
- Now, time to set up Apache config file:
- "nano /etc/apache2/apache2.conf"
- at the very bottom, change: ServerName <yoursubdomain>.myqnapcloud.com
- If you need https, also add this: CAREFUL about the tag: <forlderContainingYourCertificates>, you need to change it to your usage
Code : Tout sélectionner
LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so SSLRandomSeed startup file:/dev/urandom 512 Listen 443 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl <VirtualHost _default_:443> Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" ErrorLog /dev/null TransferLog /dev/null SSLEngine on SSLProxyCheckPeerExpire off SSLProxyCheckPeerName off SSLProxyCheckPeerCN off SSLProxyEngine on SSLHonorCipherOrder on SSLCipherSuite EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:!MD5 SSLProtocol All -SSLv2 -SSLv3 SSLCertificateFile "/<forlderContainingYourCertificates>/stunnel.pem" SSLCertificateChainFile "/<forlderContainingYourCertificates>/uca.pem" <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </VirtualHost>
- For NextCloud, we need to configure the opcache:
- edit the php.ini: "nano /etc/php/7.2/apache2/php.ini"
- in the [opcache] section we add
Code : Tout sélectionner
opcache.enable=1 opcache.enable_cli=1 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=10000 opcache.memory_consumption=128 opcache.save_comments=1 opcache.revalidate_freq=1
- Time to restart apache and see if everything works
- first, enable module headers: "a2enmod headers"
- Then "service apache2 restart" - if it writes OK, you're good to go
- NOW BE CAREFULL! If you restart the container, all you just did will be LOST !!! You now need to COMMIT your changes so they become permanent:
- Exit the container -> "exit"
- get the ID of the container you want to commit -> "docker ps" (should be the same as the one used earlier)
- "docker commit <IDOfTheContainer>"
Voilà, you should be good to go, let me know if you have any comments, all the best